rodauth-rails 0.9.1 → 0.14.0

data/lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.otp_auth_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.otp_auth_path, method: :post do %>
   <%%= render "otp_auth_code_field" %>
   <%%= render "submit", value: "Authenticate Using TOTP" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/otp_disable.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.otp_disable_path, method: :post do %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+<%%= form_tag <%= rodauth %>.otp_disable_path, method: :post do %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
   <%%= render "submit", value: "Disable TOTP Authentication", class: "btn btn-warning" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb

@@ -1,21 +1,21 @@
-<%%= form_tag rodauth.otp_setup_path, method: :post do %>
-  <%%= hidden_field_tag rodauth.otp_setup_param, rodauth.otp_user_key, id: "otp-key" %>
-  <%%= hidden_field_tag rodauth.otp_setup_raw_param, rodauth.otp_key, id: "otp-hmac-secret" if rodauth.otp_keys_use_hmac? %>
+<%%= form_tag <%= rodauth %>.otp_setup_path, method: :post do %>
+  <%%= hidden_field_tag <%= rodauth %>.otp_setup_param, <%= rodauth %>.otp_user_key, id: "otp-key" %>
+  <%%= hidden_field_tag <%= rodauth %>.otp_setup_raw_param, <%= rodauth %>.otp_key, id: "otp-hmac-secret" if <%= rodauth %>.otp_keys_use_hmac? %>
 
-  <div class="form-group">
-    <p>Secret: <%%= rodauth.otp_user_key %></p>
-    <p>Provisioning URL: <%%= rodauth.otp_provisioning_uri %></p>
+  <div class="form-group mb-3">
+    <p>Secret: <%%= <%= rodauth %>.otp_user_key %></p>
+    <p>Provisioning URL: <%%= <%= rodauth %>.otp_provisioning_uri %></p>
   </div>
 
   <div class="row">
     <div class="col-lg-6 col-lg">
-      <div class="form-group">
-        <p><%%= rodauth.otp_qr_code.html_safe %></p>
+      <div class="form-group mb-3">
+        <p><%%= <%= rodauth %>.otp_qr_code.html_safe %></p>
       </div>
     </div>
 
     <div class="col-lg-6 col-lg">
-      <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+      <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
       <%%= render "otp_auth_code_field" %>
       <%%= render "submit", value: "Setup TOTP Authentication" %>
     </div>

data/lib/generators/rodauth/templates/app/views/rodauth/recovery_auth.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.recovery_auth_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.recovery_auth_path, method: :post do %>
   <%%= render "recovery_code_field" %>
   <%%= render "submit", value: "Authenticate via Recovery Code" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb

@@ -1,17 +1,17 @@
-<%%= form_tag rodauth.remember_path, method: :post do %>
-  <fieldset class="form-group">
+<%%= form_tag <%= rodauth %>.remember_path, method: :post do %>
+  <fieldset class="form-group mb-3">
     <div class="form-check">
-      <%%= radio_button_tag rodauth.remember_param, rodauth.remember_remember_param_value, false, id: "remember-remember", class: "form-check-input" %>
+      <%%= radio_button_tag <%= rodauth %>.remember_param, <%= rodauth %>.remember_remember_param_value, false, id: "remember-remember", class: "form-check-input" %>
       <%%= label_tag "remember-remember", "Remember Me", class: "form-check-label" %>
     </div>
 
     <div class="form-check">
-      <%%= radio_button_tag rodauth.remember_param, rodauth.remember_forget_param_value, false, id: "remember-forget", class: "form-check-input" %>
+      <%%= radio_button_tag <%= rodauth %>.remember_param, <%= rodauth %>.remember_forget_param_value, false, id: "remember-forget", class: "form-check-input" %>
       <%%= label_tag "remember-forget", "Forget Me", class: "form-check-label" %>
     </div>
 
     <div class="form-check">
-      <%%= radio_button_tag rodauth.remember_param, rodauth.remember_disable_param_value, false, id: "remember-disable", class: "form-check-input" %>
+      <%%= radio_button_tag <%= rodauth %>.remember_param, <%= rodauth %>.remember_disable_param_value, false, id: "remember-disable", class: "form-check-input" %>
       <%%= label_tag "remember-disable", "Disable Remember Me", class: "form-check-label" %>
     </div>
   </fieldset>

data/lib/generators/rodauth/templates/app/views/rodauth/reset_password.html.erb

@@ -1,5 +1,5 @@
-<%%= form_tag rodauth.reset_password_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.reset_password_path, method: :post do %>
   <%%= render "password_field" %>
-  <%%= render "password_confirm_field" if rodauth.require_password_confirmation? %>
+  <%%= render "password_confirm_field" if <%= rodauth %>.require_password_confirmation? %>
   <%%= render "submit", value: "Reset Password" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/reset_password_request.html.erb

@@ -1,6 +1,6 @@
-<%%= form_tag rodauth.reset_password_request_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.reset_password_request_path, method: :post do %>
   <p>If you have forgotten your password, you can request a password reset:</p>
-  <%% if params[rodauth.login_param] && !rodauth.field_error(rodauth.login_param) %>
+  <%% if params[<%= rodauth %>.login_param] && !<%= rodauth %>.field_error(<%= rodauth %>.login_param) %>
     <%%= render "login_hidden_field" %>
   <%% else %>
     <%%= render "login_field" %>

data/lib/generators/rodauth/templates/app/views/rodauth/sms_auth.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.sms_auth_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.sms_auth_path, method: :post do %>
   <%%= render "sms_code_field" %>
   <%%= render "submit", value: "Authenticate via SMS Code" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/sms_confirm.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.sms_confirm_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.sms_confirm_path, method: :post do %>
   <%%= render "sms_code_field" %>
   <%%= render "submit", value: "Confirm SMS Backup Number" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/sms_disable.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.sms_disable_path, method: :post do %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+<%%= form_tag <%= rodauth %>.sms_disable_path, method: :post do %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
   <%%= render "submit", value: "Disable Backup SMS Authentication" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/sms_request.html.erb

@@ -1,3 +1,3 @@
-<%%= form_tag rodauth.sms_request_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.sms_request_path, method: :post do %>
   <%%= render "submit", value: "Send SMS Code" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/sms_setup.html.erb

@@ -1,5 +1,5 @@
-<%%= form_tag rodauth.sms_setup_path, method: :post do %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+<%%= form_tag <%= rodauth %>.sms_setup_path, method: :post do %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
   <%%= render "sms_phone_field" %>
   <%%= render "submit", value: "Setup SMS Backup Number" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_auth.html.erb

@@ -1,5 +1,5 @@
 <ul>
-  <%% rodauth.two_factor_auth_links.sort.each do |_, link, text| %>
+  <%% <%= rodauth %>.two_factor_auth_links.sort.each do |_, link, text| %>
     <li><%%= link_to text, link %></li>
   <%% end %>
 </ul>

data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_disable.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.two_factor_disable_path, method: :post do %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+<%%= form_tag <%= rodauth %>.two_factor_disable_path, method: :post do %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
   <%%= render "submit", value: "Remove All Multifactor Authentication Methods" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_manage.html.erb

@@ -1,22 +1,22 @@
-<%% if rodauth.two_factor_setup_links.any? %>
+<%% if <%= rodauth %>.two_factor_setup_links.any? %>
   <h2>Setup Multifactor Authentication</h2>
 
   <ul>
-    <%% rodauth.two_factor_setup_links.sort.each do |_, link, text| %>
+    <%% <%= rodauth %>.two_factor_setup_links.sort.each do |_, link, text| %>
       <li><%%= link_to text, link %></li>
     <%% end %>
   </ul>
 <%% end %>
 
-<%% if rodauth.two_factor_remove_links.any? %>
+<%% if <%= rodauth %>.two_factor_remove_links.any? %>
   <h2>Remove Multifactor Authentication</h2>
 
   <ul>
-    <%% rodauth.two_factor_remove_links.sort.each do |_, link, text| %>
+    <%% <%= rodauth %>.two_factor_remove_links.sort.each do |_, link, text| %>
       <li><%%= link_to text, link %></li>
     <%% end %>
-    <%% if rodauth.two_factor_remove_links.length > 1 %>
-      <li><%%= link_to "Remove All Multifactor Authentication Methods", rodauth.two_factor_disable_path %></li>
+    <%% if <%= rodauth %>.two_factor_remove_links.length > 1 %>
+      <li><%%= link_to "Remove All Multifactor Authentication Methods", <%= rodauth %>.two_factor_disable_path %></li>
     <%% end %>
   </ul>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account.html.erb

@@ -1,5 +1,5 @@
-<%%= form_tag rodauth.unlock_account_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.unlock_account_path, method: :post do %>
   <p>This account is currently locked out.  You can unlock the account:</p>
-  <%%= render "password_field" if rodauth.unlock_account_requires_password? %>
+  <%%= render "password_field" if <%= rodauth %>.unlock_account_requires_password? %>
   <%%= render "submit", value: "Unlock Account" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account_request.html.erb

@@ -1,4 +1,4 @@
-<%%= form_tag rodauth.unlock_account_request_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.unlock_account_request_path, method: :post do %>
   <p>This account is currently locked out.  You can request that the account be unlocked:</p>
   <%%= render "login_hidden_field" %>
   <%%= render "submit", value: "Request Account Unlock" %>

data/lib/generators/rodauth/templates/app/views/rodauth/verify_account.html.erb

@@ -1,5 +1,5 @@
-<%%= form_tag rodauth.verify_account_path, method: :post do %>
-  <%%= render "password_field" if rodauth.verify_account_set_password? %>
-  <%%= render "password_confirm_field" if rodauth.verify_account_set_password? && rodauth.require_password_confirmation? %>
+<%%= form_tag <%= rodauth %>.verify_account_path, method: :post do %>
+  <%%= render "password_field" if <%= rodauth %>.verify_account_set_password? %>
+  <%%= render "password_confirm_field" if <%= rodauth %>.verify_account_set_password? && <%= rodauth %>.require_password_confirmation? %>
   <%%= render "submit", value: "Verify Account" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb

@@ -1,6 +1,6 @@
-<%%= form_tag rodauth.verify_account_resend_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.verify_account_resend_path, method: :post do %>
   <p>If you no longer have the email to verify the account, you can request that it be resent to you:</p>
-  <%% if params[rodauth.login_param] %>
+  <%% if params[<%= rodauth %>.login_param] %>
     <%%= render "login_hidden_field" %>
   <%% else %>
     <%%= render "login_field" %>

data/lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb

@@ -1,3 +1,3 @@
-<%%= form_tag rodauth.verify_login_change_path, method: :post do %>
+<%%= form_tag <%= rodauth %>.verify_login_change_path, method: :post do %>
   <%%= render "submit", value: "Verify Login Change" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb

@@ -1,13 +1,13 @@
-<%% cred = rodauth.webauth_credential_options_for_get %>
+<%% cred = <%= rodauth %>.webauth_credential_options_for_get %>
 
-<%%= form_tag rodauth.webauthn_auth_form_path, method: :post, id: "webauthn-auth-form", data: { credential_options: cred.as_json.to_json } do %>
-  <%%= render "login_hidden_field" if params[rodauth.login_param] %>
-  <%%= hidden_field_tag rodauth.webauthn_auth_challenge_param, cred.challenge %>
-  <%%= hidden_field_tag rodauth.webauthn_auth_challenge_hmac_param, rodauth.compute_hmac(cred.challenge) %>
-  <%%= text_field_tag rodauth.webauthn_auth_param, "", id: "webauthn-auth", aria: { hidden: "true" } %>
+<%%= form_tag <%= rodauth %>.webauthn_auth_form_path, method: :post, id: "webauthn-auth-form", data: { credential_options: cred.as_json.to_json } do %>
+  <%%= render "login_hidden_field" if params[<%= rodauth %>.login_param] %>
+  <%%= hidden_field_tag <%= rodauth %>.webauthn_auth_challenge_param, cred.challenge %>
+  <%%= hidden_field_tag <%= rodauth %>.webauthn_auth_challenge_hmac_param, <%= rodauth %>.compute_hmac(cred.challenge) %>
+  <%%= text_field_tag <%= rodauth %>.webauthn_auth_param, "", id: "webauthn-auth", aria: { hidden: "true" } %>
   <div id="webauthn-auth-button">
     <%%= render "submit", value: "Authenticate Using WebAuthn" %>
   </div>
 <%% end %>
 
-<%%= javascript_include_tag rodauth.webauthn_auth_js_path %>
+<%%= javascript_include_tag <%= rodauth %>.webauthn_auth_js_path %>

data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb

@@ -1,11 +1,11 @@
-<%%= form_tag rodauth.webauthn_remove_path, method: :post, id: "webauthn-remove-form" do %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
-  <fieldset class="form-group">
-    <%% (usage = rodauth.account_webauthn_usage).each do |id, last_use| %>
+<%%= form_tag <%= rodauth %>.webauthn_remove_path, method: :post, id: "webauthn-remove-form" do %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
+  <fieldset class="form-group mb-3">
+    <%% (usage = <%= rodauth %>.account_webauthn_usage).each do |id, last_use| %>
       <div class="form-check">
-        <%%= render "field", name: rodauth.webauthn_remove_param, id: "webauthn-remove-#{id}", type: :radio, class: "form-check-input", skip_error_message: true, value: id, required: false %>
+        <%%= render "field", name: <%= rodauth %>.webauthn_remove_param, id: "webauthn-remove-#{id}", type: :radio, class: "form-check-input", skip_error_message: true, value: id, required: false %>
         <%%= label_tag "webauthn-remove-#{id}", "Last use: #{last_use}", class: "form-check-label" %>
-        <%%= render "field_error", name: rodauth.webauthn_remove_param if id == usage.keys.last %>
+        <%%= render "field_error", name: <%= rodauth %>.webauthn_remove_param if id == usage.keys.last %>
       </div>
     <%% end %>
   </fieldset>

data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb

@@ -1,13 +1,13 @@
-<%% cred = rodauth.new_webauthn_credential %>
+<%% cred = <%= rodauth %>.new_webauthn_credential %>
 
-<%%= form_tag rodauth.webauthn_setup_path, method: :post, id: "webauthn-setup-form", data: { credential_options: cred.as_json.to_json } do %>
-  <%%= hidden_field_tag rodauth.webauthn_setup_challenge_param, cred.challenge %>
-  <%%= hidden_field_tag rodauth.webauthn_setup_challenge_hmac_param, rodauth.compute_hmac(cred.challenge) %>
-  <%%= text_field_tag rodauth.webauthn_setup_param, "", id: "webauthn-setup", aria: { hidden: "true" } %>
-  <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
+<%%= form_tag <%= rodauth %>.webauthn_setup_path, method: :post, id: "webauthn-setup-form", data: { credential_options: cred.as_json.to_json } do %>
+  <%%= hidden_field_tag <%= rodauth %>.webauthn_setup_challenge_param, cred.challenge %>
+  <%%= hidden_field_tag <%= rodauth %>.webauthn_setup_challenge_hmac_param, <%= rodauth %>.compute_hmac(cred.challenge) %>
+  <%%= text_field_tag <%= rodauth %>.webauthn_setup_param, "", id: "webauthn-setup", aria: { hidden: "true" } %>
+  <%%= render "password_field" if <%= rodauth %>.two_factor_modifications_require_password? %>
   <div id="webauthn-setup-button"> 
     <%%= render "submit", value: "Setup WebAuthn Authentication" %>
   </div>
 <%% end %>
 
-<%%= javascript_include_tag rodauth.webauthn_setup_js_path %>
+<%%= javascript_include_tag <%= rodauth %>.webauthn_setup_js_path %>

data/lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb

@@ -1,4 +1,4 @@
-Someone has requested a that the account with this email be unlocked.
+Someone has requested that the account with this email be unlocked.
 If you did not request the unlocking of this account, please ignore this
 message.  If you requested the unlocking of this account, please go to
 <%%= @email_link %>

data/lib/generators/rodauth/views_generator.rb

@@ -18,9 +18,9 @@ module Rodauth
           desc: "Generates views for all Rodauth features",
           default: false
 
-        class_option :directory, aliases: "-d", type: :string,
-          desc: "The directory under app/views/* into which to create views",
-          default: "rodauth"
+        class_option :name, aliases: "-n", type: :string,
+          desc: "The configuration name for which to generate views",
+          default: nil
 
         VIEWS = {
           login: %w[
@@ -112,9 +112,30 @@ module Rodauth
 
           views.each do |view|
             template "app/views/rodauth/#{view}.html.erb",
-              "app/views/#{options[:directory].underscore}/#{view}.html.erb"
+              "app/views/#{directory}/#{view}.html.erb"
           end
         end
+
+        def directory
+          if controller.abstract?
+            fail Error, "no controller configured for configuration: #{configuration_name.inspect}"
+          end
+
+          controller.controller_path
+        end
+
+        def rodauth
+          "rodauth#{"(:#{configuration_name})" if configuration_name}"
+        end
+
+        def controller
+          rodauth = Rodauth::Rails.rodauth(configuration_name)
+          rodauth.rails_controller
+        end
+
+        def configuration_name
+          options[:name]&.to_sym
+        end
       end
     end
   end

data/lib/rodauth/rails.rb

@@ -1,6 +1,9 @@
 require "rodauth/rails/version"
 require "rodauth/rails/railtie"
 
+require "rack/utils"
+require "stringio"
+
 module Rodauth
   module Rails
     class Error < StandardError
@@ -8,12 +11,17 @@ module Rodauth
 
     # This allows the developer to avoid loading Rodauth at boot time.
     autoload :App, "rodauth/rails/app"
+    autoload :Auth, "rodauth/rails/auth"
 
     @app = nil
     @middleware = true
 
     class << self
-      def rodauth(name = nil)
+      def rodauth(name = nil, query: {}, form: {}, session: {}, account: nil, env: {})
+        unless app.rodauth(name)
+          fail ArgumentError, "undefined rodauth configuration: #{name.inspect}"
+        end
+
         url_options = ActionMailer::Base.default_url_options
 
         scheme   = url_options[:protocol] || "http"
@@ -22,14 +30,38 @@ module Rodauth
         host     = url_options[:host]
         host    += ":#{port}" if port
 
+        content_type = "application/x-www-form-urlencoded" if form.any?
+
         rack_env = {
+          "QUERY_STRING"    => Rack::Utils.build_nested_query(query),
+          "rack.input"      => StringIO.new(Rack::Utils.build_nested_query(form)),
+          "CONTENT_TYPE"    => content_type,
+          "rack.session"    => {},
           "HTTP_HOST"       => host,
           "rack.url_scheme" => scheme,
-        }
+        }.merge(env)
+
+        scope    = app.new(rack_env)
+        instance = scope.rodauth(name)
 
-        scope = app.new(rack_env)
+        # update session hash here to make it work with JWT session
+        instance.session.merge!(session)
 
-        scope.rodauth(name)
+        if account
+          instance.instance_variable_set(:@account, account.attributes.symbolize_keys)
+          instance.session[instance.session_key] = instance.account_session_value
+        end
+
+        instance
+      end
+
+      # routing constraint that requires authentication
+      def authenticated(name = nil, &condition)
+        lambda do |request|
+          rodauth = request.env.fetch ["rodauth", *name].join(".")
+          rodauth.require_authentication
+          rodauth.authenticated? && (condition.nil? || condition.call(rodauth))
+        end
       end
 
       if ::Rails.gem_version >= Gem::Version.new("5.2")

data/lib/rodauth/rails/app.rb

@@ -1,6 +1,5 @@
 require "roda"
-require "rodauth"
-require "rodauth/rails/feature"
+require "rodauth/rails/auth"
 
 module Rodauth
   module Rails
@@ -11,40 +10,39 @@ module Rodauth
 
       plugin :hooks
       plugin :render, layout: false
+      plugin :pass
 
       unless Rodauth::Rails.api_only?
         require "rodauth/rails/app/flash"
         plugin Flash
       end
 
-      def self.configure(name = nil, **options, &block)
-        plugin :rodauth, name: name, csrf: false, flash: false, json: true, **options do
-          # load the Rails integration
-          enable :rails
+      def self.configure(*args, **options, &block)
+        auth_class = args.shift if args[0].is_a?(Class)
+        name       = args.shift if args[0].is_a?(Symbol)
 
-          # database functions are more complex to set up, so disable them by default
-          use_database_authentication_functions? false
+        fail ArgumentError, "need to pass optional Rodauth::Auth subclass and optional configuration name" if args.any?
 
-          # avoid having to set deadline values in column default values
-          set_deadline_values? true
+        auth_class ||= Class.new(Rodauth::Rails::Auth)
 
-          # use HMACs for additional security
-          hmac_secret { Rodauth::Rails.secret_key_base }
-
-          # evaluate user configuration
-          instance_exec(&block)
+        plugin :rodauth, auth_class: auth_class, name: name, csrf: false, flash: false, json: true, **options do
+          instance_exec(&block) if block
         end
       end
 
       before do
-        (opts[:rodauths] || {}).each do |name, _|
-          if name
-            env["rodauth.#{name}"] = rodauth(name)
-          else
-            env["rodauth"] = rodauth
-          end
+        opts[:rodauths]&.each_key do |name|
+          env[["rodauth", *name].join(".")] = rodauth(name)
         end
       end
+
+      def rails_routes
+        ::Rails.application.routes.url_helpers
+      end
+
+      def rails_request
+        ActionDispatch::Request.new(env)
+      end
     end
   end
 end